aboutsummaryrefslogtreecommitdiffstats
path: root/src/fripost-postinst-udeb/finish-install.d/07fripost
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2015-05-08 17:10:51 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 04:28:17 +0200
commit61bb46a89b9f73055102b369451b6e64f63d45df (patch)
tree06d6b80e5d2cd191e014d7f414f8c5ef74b34881 /src/fripost-postinst-udeb/finish-install.d/07fripost
parent82c1b5a67b250afbcb96c9460ff006f3d02c76cd (diff)
Remove the SELinux configuration option.
Since the default policy is no longer available in Jessie.
Diffstat (limited to 'src/fripost-postinst-udeb/finish-install.d/07fripost')
-rwxr-xr-xsrc/fripost-postinst-udeb/finish-install.d/07fripost37
1 files changed, 0 insertions, 37 deletions
diff --git a/src/fripost-postinst-udeb/finish-install.d/07fripost b/src/fripost-postinst-udeb/finish-install.d/07fripost
index d4e05bb..e583d5a 100755
--- a/src/fripost-postinst-udeb/finish-install.d/07fripost
+++ b/src/fripost-postinst-udeb/finish-install.d/07fripost
@@ -133,43 +133,6 @@ cp /var/lib/fripost/sshd_config /target/etc/ssh/sshd_config
#######################################################################
-# Install and activate SELinux
-# TODO: would be better to have our own policy instead of amending the
-# default one.
-
-db_get fripost/activate-selinux
-if [ "$RET" = true ]; then
- progress "Installing SELinux"
- # Recommended packages include graphical tools...
- /bin/in-target /usr/bin/debconf-apt-progress --no-progress -- \
- apt-get -y install --no-install-recommends \
- selinux-basics selinux-policy-default selinux-policy-dev auditd
- progress "Activating SELinux"
- /bin/in-target /usr/sbin/selinux-activate
-
- sed -ri 's/^#?\s*(FSCKFIX)=(yes|no)\s*(\s#.*)?$/\1=yes/' \
- /target/etc/default/rcS
-
- progress "Running update-grub"
- grep -q '^GRUB_CMDLINE_LINUX=' /target/etc/default/grub \
- || fatal "Missing definition of 'GRUB_CMDLINE_LINUX' in /etc/default/grub"
- GRUB_CMDLINE="console=tty0 security=selinux enforcing=1"
- # ^ TODO: we should leave (non SELinux-related) existing
- # configuration options
- sed -ri "s/^(GRUB_CMDLINE_LINUX)=.*/\1=\"$GRUB_CMDLINE\"/" \
- /target/etc/default/grub
- /bin/in-target /usr/sbin/update-grub
-
- if /bin/in-target /bin/sh -c "dpkg-query -s postfix >/dev/null 2>&1"; then
- progress "Running postfix-nochroot"
- echo 'SYNC_CHROOT=n' >> /target/etc/default/postfix
- /bin/in-target /usr/sbin/postfix-nochroot
- fi
- # TODO: in a crontab: check-selinux-installation
-fi
-
-
-#######################################################################
# Remove unnecessary packages
# TODO: check for dummy packages / RCs in a weekly crontab.